CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2011-4806

Multiple cross-site scripting (XSS) vulnerabilities in main.php in phpAlbum 0.4.1.16 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) var1 and (2) keyword parameters.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 57.1%

CVSS Severity

CVSS v2 Score 4.3

References

Products affected by CVE-2011-4806

Phpalbum » Phpalbum » Version: 0.2.1

cpe:2.3:a:phpalbum:phpalbum:0.2.1
Phpalbum » Phpalbum » Version: 0.2.2

cpe:2.3:a:phpalbum:phpalbum:0.2.2
Phpalbum » Phpalbum » Version: 0.2.3

cpe:2.3:a:phpalbum:phpalbum:0.2.3
Phpalbum » Phpalbum » Version: 0.2.4

cpe:2.3:a:phpalbum:phpalbum:0.2.4
Phpalbum » Phpalbum » Version: 0.3.0

cpe:2.3:a:phpalbum:phpalbum:0.3.0
Phpalbum » Phpalbum » Version: 0.3.1

cpe:2.3:a:phpalbum:phpalbum:0.3.1
Phpalbum » Phpalbum » Version: 0.3.2

cpe:2.3:a:phpalbum:phpalbum:0.3.2
Phpalbum » Phpalbum » Version: 0.4.1-14

cpe:2.3:a:phpalbum:phpalbum:0.4.1-14
Phpalbum » Phpalbum » Version: 0.4.1.14

cpe:2.3:a:phpalbum:phpalbum:0.4.1.14
Phpalbum » Phpalbum » Version: 0.4.1.15

cpe:2.3:a:phpalbum:phpalbum:0.4.1.15
Phpalbum » Phpalbum » Version: 0.4.1.16

cpe:2.3:a:phpalbum:phpalbum:0.4.1.16

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2011-4806

Products

Pricing

Contact Us